LastPass breach was carried out by hacking a senior employee
The attackers who stole data from LastPass also stole cloud backups in the process. That happened in a second attack, shortly after the first, that targeted a senior engineer at the company.
LastPass describes this in a new support document. It is a second incident that took place last year, shortly after LastPass reported a hack in August. At the time the company said it had been hacked but that only source code and technical information had been stolen; weeks later it had to admit that encrypted passwords had also been taken. Now the company says the attacker also accessed cloud backups via an employee.
In the second attack, the attacker allegedly used information captured during the initial hack. It is not known what information that was, but between August 12 and October 26 the attacker is said to have explored the systems and exfiltrated internal data. Although LastPass logged the activity, the attacker went unnoticed.
The attacker allegedly stole credentials from a senior DevOps engineer's home computer. A notable detail is that the attacker got in by capturing the engineer's master password from that machine, and that the engineer himself had also approved the multi-factor authentication request. That engineer was one of four people within LastPass with access to a LastPass vault containing AWS access keys, which allowed the attacker to steal backups of customer data and vaults stored in AWS S3 buckets.
The backups on AWS contained a lot of information; LastPass has put another document online listing the stolen data. This includes MFA seeds and identifiable information, and the company also writes that five blobs were downloaded from backups of customers who had an account between August 20 and September 8. Those blobs contained encrypted fields for passwords and unencrypted fields such as URLs. Another striking detail, discovered by BleepingComputer, is that LastPass has hidden the new blog posts from search engines with a meta tag.
LastPass says it has taken several actions. For example, the company has added extra security to MFA apps and reset the credentials of internal employees. The AWS environment has also been analyzed and new security measures have been added.
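The attack path described above, long-lived AWS access keys taken from a vault and then used to pull backups out of S3, is the kind of activity that only shows up if someone is looking at the cloud audit trail. The script below is an added example, not LastPass's code and not part of the company's published documents: it runs simple detection logic over constructed CloudTrail-style S3 records and flags two things a responder would want to see when "analyzing the AWS environment": reads of backup buckets by a long-lived IAM user key from an address that key is not normally used from, and a bulk run of GetObject calls on backup buckets by one key within a short window. The bucket names, key IDs, user names, addresses and the baseline of expected source addresses are all hypothetical.

```python
"""Flag suspicious reads of S3 backup buckets in CloudTrail-style records.

Added example, not LastPass code. Every identifier below (buckets, access
key IDs, user names, IP addresses) is constructed for illustration.
"""
import json
from collections import defaultdict
from datetime import datetime, timedelta, timezone

BACKUP_BUCKETS = {"example-vault-backups", "example-customer-db-backups"}  # hypothetical
# Source addresses each long-lived key is expected to be used from (hypothetical,
# e.g. an office egress address or a known backup host).
KNOWN_SOURCES = {"AKIAEXAMPLE0000000001": {"203.0.113.10"}}
BULK_THRESHOLD = 3               # GetObject calls on backup buckets by one key ...
WINDOW = timedelta(minutes=15)   # ... within this sliding window
READ_EVENTS = {"GetObject", "ListObjects", "ListObjectsV2"}

# Constructed sample log: one long-lived key enumerating and pulling backups from an
# unfamiliar address, one routine read from the expected address, and one unrelated
# read with a temporary (ASIA) credential on a non-backup bucket.
def _ev(time, name, ip, key, user, bucket, kind="IAMUser"):
    return json.dumps({
        "eventTime": time, "eventSource": "s3.amazonaws.com", "eventName": name,
        "sourceIPAddress": ip,
        "userIdentity": {"type": kind, "userName": user, "accessKeyId": key},
        "requestParameters": {"bucketName": bucket},
    })

SAMPLE_EVENTS = [
    _ev("2022-08-30T09:00:00Z", "GetObject", "203.0.113.10", "AKIAEXAMPLE0000000001", "devops-backup", "example-vault-backups"),
    _ev("2022-09-01T02:10:00Z", "ListObjects", "198.51.100.77", "AKIAEXAMPLE0000000001", "devops-backup", "example-vault-backups"),
    _ev("2022-09-01T02:11:00Z", "GetObject", "198.51.100.77", "AKIAEXAMPLE0000000001", "devops-backup", "example-vault-backups"),
    _ev("2022-09-01T02:12:00Z", "GetObject", "198.51.100.77", "ASIAEXAMPLE0000000002", "web-role", "example-web-assets", "AssumedRole"),
    _ev("2022-09-01T02:13:00Z", "GetObject", "198.51.100.77", "AKIAEXAMPLE0000000001", "devops-backup", "example-customer-db-backups"),
    _ev("2022-09-01T02:16:00Z", "GetObject", "198.51.100.77", "AKIAEXAMPLE0000000001", "devops-backup", "example-vault-backups"),
]


def is_long_lived(key_id):
    """IAM user access keys start with AKIA; STS temporary credentials start with ASIA."""
    return key_id.startswith("AKIA")


def _record(line):
    e = json.loads(line)
    ident = e.get("userIdentity", {})
    return {
        "time": datetime.strptime(e["eventTime"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc),
        "name": e.get("eventName", ""),
        "ip": e.get("sourceIPAddress", ""),
        "key": ident.get("accessKeyId", ""),
        "user": ident.get("userName", ident.get("type", "")),
        "bucket": e.get("requestParameters", {}).get("bucketName", ""),
    }


def analyze(lines):
    """Return a list of findings; each finding is a dict with a 'reason' field."""
    findings = []
    seen_sources = set()                 # (key, ip) pairs already reported
    reads_by_key = defaultdict(list)     # key -> timestamps of GetObject on backup buckets
    for line in lines:
        r = _record(line)
        if r["bucket"] not in BACKUP_BUCKETS or r["name"] not in READ_EVENTS:
            continue
        # A long-lived key touching backups from an address it has never used before.
        if is_long_lived(r["key"]) and r["ip"] not in KNOWN_SOURCES.get(r["key"], set()):
            if (r["key"], r["ip"]) not in seen_sources:
                seen_sources.add((r["key"], r["ip"]))
                findings.append({"reason": "unknown_source", "key": r["key"], "user": r["user"],
                                 "ip": r["ip"], "bucket": r["bucket"], "time": r["time"].isoformat()})
        if r["name"] == "GetObject":
            reads_by_key[r["key"]].append(r["time"])
    # Sliding window over each key's object reads: many pulls in a short span = bulk download.
    for key, times in reads_by_key.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > WINDOW:
                start += 1
            if end - start + 1 >= BULK_THRESHOLD:
                findings.append({"reason": "bulk_download", "key": key, "count": end - start + 1,
                                 "window_start": times[start].isoformat()})
                break
    return findings


if __name__ == "__main__":
    for f in analyze(SAMPLE_EVENTS):
        print(f)
```

Two caveats for running this against real logs: object-level calls such as GetObject only appear in CloudTrail if S3 data events are enabled for the bucket (they are not part of the default management events), and the baseline of expected source addresses has to come from your own history, not from a hard-coded table. The underlying design point is the same one the incident illustrates: a static AKIA key sitting in a vault is as good as the vault's master password, so prefer short-lived STS credentials for backup access and alert on any long-lived key that reads backup buckets at all.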